Even though the actual exploit currently out there (the one used in the Google attack) only affects Windows XP running Internet Explorer 6, Microsoft still rates this vulnerability as "Critical", meaning the company takes it quite seriously.

Thom, are you aware that some security experts have come up with exploit code against this vulnerability that they claim works on IE7 and IE8 running on Vista or Windows 7?

It is just that these more advanced exploits weren't seen in the wild or used by attackers.